main: rename landlock_config to landlock_rules

To keep the naming consistent, rename all uses of landlock_config
to landlock_rules.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
This commit is contained in:
Praveen K Paladugu 2024-08-01 17:38:20 +00:00 committed by Bo Chen
parent b9f086bcb3
commit bd180bc3eb
5 changed files with 21 additions and 21 deletions

View File

@ -191,7 +191,7 @@ impl RequestHandler for StubApiRequestHandler {
tpm: None, tpm: None,
preserved_fds: None, preserved_fds: None,
landlock_enable: false, landlock_enable: false,
landlock_config: None, landlock_rules: None,
})), })),
state: VmState::Running, state: VmState::Running,
memory_actual_size: 0, memory_actual_size: 0,

View File

@ -1066,7 +1066,7 @@ mod unit_tests {
tpm: None, tpm: None,
preserved_fds: None, preserved_fds: None,
landlock_enable: false, landlock_enable: false,
landlock_config: None, landlock_rules: None,
}; };
assert_eq!(expected_vm_config, result_vm_config); assert_eq!(expected_vm_config, result_vm_config);

View File

@ -497,7 +497,7 @@ pub struct VmParams<'a> {
#[cfg(feature = "sev_snp")] #[cfg(feature = "sev_snp")]
pub host_data: Option<&'a str>, pub host_data: Option<&'a str>,
pub landlock_enable: bool, pub landlock_enable: bool,
pub landlock_config: Option<Vec<&'a str>>, pub landlock_rules: Option<Vec<&'a str>>,
} }
impl<'a> VmParams<'a> { impl<'a> VmParams<'a> {
@ -564,7 +564,7 @@ impl<'a> VmParams<'a> {
#[cfg(feature = "sev_snp")] #[cfg(feature = "sev_snp")]
let host_data = args.get_one::<String>("host-data").map(|x| x as &str); let host_data = args.get_one::<String>("host-data").map(|x| x as &str);
let landlock_enable = args.get_flag("landlock"); let landlock_enable = args.get_flag("landlock");
let landlock_config: Option<Vec<&str>> = args let landlock_rules: Option<Vec<&str>> = args
.get_many::<String>("landlock-rules") .get_many::<String>("landlock-rules")
.map(|x| x.map(|y| y as &str).collect()); .map(|x| x.map(|y| y as &str).collect());
@ -606,7 +606,7 @@ impl<'a> VmParams<'a> {
#[cfg(feature = "sev_snp")] #[cfg(feature = "sev_snp")]
host_data, host_data,
landlock_enable, landlock_enable,
landlock_config, landlock_rules,
} }
} }
} }
@ -2725,9 +2725,9 @@ impl VmConfig {
.map(|p| p.iommu_segments.is_some()) .map(|p| p.iommu_segments.is_some())
.unwrap_or_default(); .unwrap_or_default();
if let Some(landlock_configs) = &self.landlock_config { if let Some(landlock_rules) = &self.landlock_rules {
for landlock_config in landlock_configs { for landlock_rule in landlock_rules {
landlock_config.validate()?; landlock_rule.validate()?;
} }
} }
@ -2901,10 +2901,10 @@ impl VmConfig {
#[cfg(feature = "guest_debug")] #[cfg(feature = "guest_debug")]
let gdb = vm_params.gdb; let gdb = vm_params.gdb;
let mut landlock_config: Option<Vec<LandlockConfig>> = None; let mut landlock_rules: Option<Vec<LandlockConfig>> = None;
if let Some(ll_config) = vm_params.landlock_config { if let Some(ll_rules) = vm_params.landlock_rules {
landlock_config = Some( landlock_rules = Some(
ll_config ll_rules
.iter() .iter()
.map(|rule| LandlockConfig::parse(rule)) .map(|rule| LandlockConfig::parse(rule))
.collect::<Result<Vec<LandlockConfig>>>()?, .collect::<Result<Vec<LandlockConfig>>>()?,
@ -2943,7 +2943,7 @@ impl VmConfig {
tpm, tpm,
preserved_fds: None, preserved_fds: None,
landlock_enable: vm_params.landlock_enable, landlock_enable: vm_params.landlock_enable,
landlock_config, landlock_rules,
}; };
config.validate().map_err(Error::Validation)?; config.validate().map_err(Error::Validation)?;
Ok(config) Ok(config)
@ -3070,7 +3070,7 @@ impl Clone for VmConfig {
.as_ref() .as_ref()
// SAFETY: FFI call with valid FDs // SAFETY: FFI call with valid FDs
.map(|fds| fds.iter().map(|fd| unsafe { libc::dup(*fd) }).collect()), .map(|fds| fds.iter().map(|fd| unsafe { libc::dup(*fd) }).collect()),
landlock_config: self.landlock_config.clone(), landlock_rules: self.landlock_rules.clone(),
..*self ..*self
} }
} }
@ -3870,7 +3870,7 @@ mod tests {
}, },
]), ]),
landlock_enable: false, landlock_enable: false,
landlock_config: None, landlock_rules: None,
}; };
let valid_config = RestoreConfig { let valid_config = RestoreConfig {
@ -4060,7 +4060,7 @@ mod tests {
tpm: None, tpm: None,
preserved_fds: None, preserved_fds: None,
landlock_enable: false, landlock_enable: false,
landlock_config: None, landlock_rules: None,
}; };
assert!(valid_config.validate().is_ok()); assert!(valid_config.validate().is_ok());

View File

@ -2243,7 +2243,7 @@ mod unit_tests {
tpm: None, tpm: None,
preserved_fds: None, preserved_fds: None,
landlock_enable: false, landlock_enable: false,
landlock_config: None, landlock_rules: None,
})) }))
} }

View File

@ -798,7 +798,7 @@ pub struct VmConfig {
pub preserved_fds: Option<Vec<i32>>, pub preserved_fds: Option<Vec<i32>>,
#[serde(default)] #[serde(default)]
pub landlock_enable: bool, pub landlock_enable: bool,
pub landlock_config: Option<Vec<LandlockConfig>>, pub landlock_rules: Option<Vec<LandlockConfig>>,
} }
impl VmConfig { impl VmConfig {
@ -876,9 +876,9 @@ impl VmConfig {
landlock.add_rule_with_access("/dev/net/tun".into(), "rw")?; landlock.add_rule_with_access("/dev/net/tun".into(), "rw")?;
} }
if let Some(landlock_configs) = &self.landlock_config { if let Some(landlock_rules) = &self.landlock_rules {
for landlock_config in landlock_configs.iter() { for landlock_rule in landlock_rules.iter() {
landlock_config.apply_landlock(&mut landlock)?; landlock_rule.apply_landlock(&mut landlock)?;
} }
} }